The present invention relates to memory devices and, more particularly, to a memory device having a data protection circuit for protecting contents stored in memory from illegal reads such as fraudulent copy.
For example, some semiconductor memories such as ROM (Read Only Memory) and flash EEPROM (batch-erase type Electrically Erasable, Programmable Read Only Memory) are equipped with a built-in data protection circuit to protect programs and data stored therein from illegal reads such as fraudulent copy.
In data protection circuits that have conventionally been practically used or proposed, as disclosed in Japanese Patent Laid-Open Publications HEI 6-282495, HEI 4-284556, HEI 8-115265 and HEI 11-175334, when a specific address is designated upon scanning of addresses of a semiconductor memory, data read from a specified range of addresses following the specific address are converted into false data having an arbitrary regularity (inversion, bit exchange or the like) and outputted as such.
FIG. 3 shows a semiconductor memory device internally equipped with a conventional data protection circuit. This semiconductor memory device is a circuit using, for example, an electrically erasable flash EEPROM. Referring to FIG. 3, an address decoder 1 decodes an input address coming from external to select word lines and bit lines of a memory cell array 2, which is an array of flash EEPROM cells. Then, data is read from memory cells associated with the selected word lines and bit lines by the memory cell array 2, and outputted to one input terminal of a multiplexer (MUX) 4 and a false data conversion circuit 3. After this, the false data conversion circuit 3 converts the read data into the false data, and outputs the false data to the other input terminal of the multiplexer 4.
On the other hand, a coincidence circuit 5 compares a specific address set and outputted by a specific address setting circuit 6 with the input address, where if these two addresses are coincident with each other, the coincidence circuit 5 outputs a coincidence signal, which is a pulse signal of a specified time duration. Then, a multiplexer switching circuit 7, upon receiving the coincidence signal from the coincidence circuit 5, toggles the output of the multiplexer 4 to the false data side for a specified time.
As a result of this, each time the input address becomes the specific address, the multiplexer 4 selects the false data derived from the false data conversion circuit 3 for the specified time, and transmits the data to an output buffer circuit 8. Otherwise, the multiplexer 4 selects data read from the memory cell array 2, and transmits the data to the output buffer circuit 8. Then, the data transmitted from the multiplexer 4 is outputted to external by the output buffer circuit 8.
In this case, when addresses of the memory cell array 2 are scanned in an unauthorized user""s attempt at an illegal read, the output of the multiplexer 4 is toggled to the false data side for the specified time based on the coincidence signal derived from the coincidence circuit 5 each time the specific address is inputted. As a result, each time the specific address is inputted, false data corresponding to a specified range of addresses is outputted.
In contrast to this, an authorized user is allowed to make such a setting, in preparing programs to be stored into the memory cell array 2, that data is not read from the specific address. Also, since the authorized user knows the specific address and the method for converting false data, the authorized user can restore correct data even if false data corresponding to the specified range of addresses following the specific address is read. However, without enough care to the false data conversion method in the false data conversion circuit 3, there is a possibility that the specific address may be found out when the false data contains some data which is out of common use. As the false data conversion method, the following methods have been proposed:
(1) Read data is modified by the address signal itself, thereby converted into false data, and outputted; (2) Read data is converted into false data having an arbitrary regularity and outputted; (3) Read data is inverted, thereby converted into false data, and outputted; and (4) Read data as well as output data of a random data generating circuit are arithmetically processed by an arithmetic circuit, thereby converted into false data, and outputted.
However, the semiconductor memory device internally equipped with this conventional data protection circuit has the following problems. That is, in this conventional data protection circuit, it is relatively easy to determine the specific address at which false data begins to be outputted, and moreover all the output data corresponding to a specified range of addresses following the specific address is false data. Therefore, if the specific address is determined, there is a possibility that original read data corresponding to the specified range of addresses following the specific address may be analyzed out.
Accordingly, an object of the present invention is to provide a memory device which makes it impossible to reproduce correct data or correct program codes even in an attempt to illegally read out memory contents.
In order to achieve the above object, there is provided a memory device characterized by detecting that an access address to a memory cell array has coincided with a preset specific address, counting a number of times of the coincidence between the access address and the specific address, and outputting data other than data read from the access address in the memory cell array at a specified period based on the counted value.
With this constitution, when addresses of the memory cell array are scanned in an unauthorized user""s attempt at an illegal read, data other than data read from the accessed addresses in the memory cell array is outputted at a specified cycle period based on the number of times the accessed address has coincided with the specific address. Therefore, the unauthorized user is inhibited from reproducing correct data or correct program codes from acquired data. Accordingly, the unauthorized user is also inhibited from correctly emulating a memory device capable of outputting the correct data or correct program codes.
Even if the specific address should be found out from acquired data, it would be impossible to determine which is correct read data, because output data over a specified range of addresses following the specific address is in some cases correct read data and in other cases data other than the read data.
In one embodiment of the present invention, the memory device further comprises: a memory cell array; a data conversion circuit for converting read data read from the memory cell array into other data and outputting the converted data; a multiplexer for receiving, as its inputs, the read data and the converted data of the read data, and outputting either one of those data; a coincidence-number counter for counting a number of times the preset specific address and the input address have coincided with each other, and outputting a pulse signal each time a counted value becomes a specified value; and a multiplexer switching circuit for toggling the output of the multiplexer to the converted data side each time the pulse signal is inputted.
With this constitution, when addresses of the memory cell array are scanned in an unauthorized user""s attempt at an illegal read, converted data other than data read from an input address in the memory cell array is outputted over a range corresponding to a pulse duration of the pulse signal from the coincidence-number counter at a specified cycle period that depends on the number of times the input address has coincided with the specific address. Therefore, the unauthorized user is inhibited from reproducing correct data or correct program codes from acquired data. Even if the specific address should be found out from acquired data, it would be impossible to determine which data is correct read data, because the output data corresponding to a specified range of addresses following the specific address is in some cases correct data and in other cases false data.
In one embodiment of the present invention, the memory device further comprises: a memory cell array; an address conversion circuit for converting an input address into another address; a multiplexer for receiving, as its inputs, the input address and the converted address of the input address, and outputting either one of those addresses; an address decoder for decoding the address from the multiplexer to select memory cells of the memory cell array; a coincidence-number counter for counting a number of times the preset specific address and the input address have coincided with each other, and outputting a pulse signal each time a counted value becomes a specified value; and a multiplexer switching circuit for toggling the output of the multiplexer to the converted data side each time the pulse signal is inputted.
With this constitution, when addresses of the memory cell array are scanned in an unauthorized user""s attempt at an illegal read, read data from a converted address other than an input address in the memory cell array is outputted over a range corresponding to a pulse duration of the pulse signal derived from the coincidence-number counter at a specified cycle period that depends on the number of times the input address has coincided with the specific address. Therefore, it is impossible to reproduce correct data or correct program codes from acquired data. Even if the specific address should be found out from the acquired data, it would be impossible which is correct read data, because the output data corresponding to the specified range of addresses following the specific address is in some cases correct data and in other cases false data.
In one embodiment of the present invention, first program codes executable by an external arithmetic unit are stored in the memory cell array, and the data, other than the read data, to be outputted at the specified period are second program codes executable by the arithmetic unit.
With this constitution, first program codes read from the accessed addresses of the memory cell array are transmitted to the external arithmetic unit until the accessed address reaches the specific address. Then, when the accessed address has reached the specific address, second program codes other than the read codes from the access address are transmitted to the arithmetic unit over a specified range of addresses. Therefore, it becomes possible that the arithmetic unit normally executes the first program codes and that, each time the access address has reached the specific address, the arithmetic unit executes the second program codes.
In one embodiment of the present invention, the memory cell array is a semiconductor memory cell array, which is implemented by any one of nonvolatile memory, read only memory or batch-erase type electrically erasable, programmable read only memory.
With this constitution, data stored in the memory array cell of the semiconductor memory such as nonvolatile memory, ROM or flash EEPROM is prevented from illegally read by any unauthorized user, and from being used to emulate the semiconductor memory device.